Quoting John Doe ([EMAIL PROTECTED]): > I remember a while back on this list, there was a discussion of alternative > ways of addressing URLs (using hex code and binary, I think). Can anyone > give me a refresher course?
URLs can be (at least with IE/Win, Mac is a bit picky about this and under Unix such behavior is controlled by the stack and may differ) either hex, oct or decimal, dotted quad or single-rep. | #!/usr/bin/env perl | | $IP = $ARGV[0]; ## Usage: perl obfucate.pl 10.1.1.1 | ($one, $two, $three, $four) = split(/\./, $IP); ## Split quads | $right = (($two * 256 + $three)*256)+$four; ## calculate "right" side | print $one.".".$right; ## print FIRST.CALCULATED perl obfuscate.pl 192.168.1.5 yields: 192.11010309 or, you could translate all four quads into their octal, decimal or binary representations. Or, you could not have any dots in it at all: | $sright = (((($one * 256 + $two) * 256) + $three) *256) +$four; | print $right; == 3232235781 for $ARGV[1] == 192.168.1.5 This works with Opera, some versions of IE (IE6/WinXP doesn't work), some versions of Netscape, OmniWeb, iCab, etc. This trick is used by SPAMmers to obfuscate their URLs and by malicious attackers to trick unsuspecting victims into opening a seemingly benign website: http://www.cnn.com?article-id=0xdeadbeef&data=extract@3232235781 will in fact not open cnn's website but 192.168.1.5 (note the @ sign, which is used to decalre everything prior to it as a "username" and passed as such. jonas -- Jonas M Luster -- d-fensive networks, Inc. -- http://www.d-fensive.com
